Getting error with hashdump command #19

Open
Joyen12 opened this issue Feb 28, 2020 · 1 comment
Joyen12 commented Feb 28, 2020

Hi,

I'm trying your program on a test site on my hosting (because I got hacked and I want to see what they were able to get) and when I try hashdump it is giving me this error. I tried to troubleshoot and I found out that sendcommand.text is empty but I cannot figure out why...

It does that also for dbcreds but not for keylogger, it is strange...

Here is the output of the error:

```
os-shell> hashdump
Traceback (most recent call last):
  File "yertle.py", line 466, in <module>
    main()
  File "yertle.py", line 447, in main
    commandloop(args.target, uploaddir)
  File "yertle.py", line 98, in commandloop
    hashdump(host, uploaddir)
  File "yertle.py", line 306, in hashdump
    items = datacreds(host, uploaddir)
  File "yertle.py", line 134, in datacreds
    user = credextract(sendcommand.text, 'DB_USER')
  File "yertle.py", line 147, in credextract
    return se[2]
IndexError: list index out of range
```

Thanks a lot for your help

n00py (Owner) commented Mar 2, 2020

So what that function is doing:
Looks for wp-config.php. It assumes that it is three directories up, so if yertle is at /wp-content/plugins/random/shell.php, it will look for it at ../../../wp-config.php.

So this is a possible issue. Can you check on your site to see if these files (shell.php and wp-config.php) are in their expected locations?

Also, it is looking for DB_USER in wp-config.php. It is also splitting strings on single quotes.

Can you tell me if wp-config has DB_USER in it, and if the value is enclosed in single quotes?
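A check a site owner can run over the text of their own wp-config.php to answer the two questions above. It is an added example, not code from yertle.py: `naive_extract` is a hypothetical reconstruction of the quote-splitting the comment describes, `diagnose` is an assumed helper name, and the sample config strings are constructed.

```python
import re

# define('NAME', 'value') with either quote style and optional whitespace.
# Groups: 1 = quote around the name, 2 = name, 3 = quote around the value, 4 = value.
DEFINE_RE = re.compile(
    r"""define\(\s*(['"])(?P<name>\w+)\1\s*,\s*(['"])(?P<value>.*?)\3\s*\)"""
)


def naive_extract(text, key):
    """Hypothetical reconstruction: take what follows the key, split on
    single quotes, return field 2. Raises IndexError when the text is empty,
    the key is absent, or the value is double-quoted."""
    se = text.partition(key)[2].split("'")
    return se[2]


def diagnose(text, key="DB_USER"):
    """Say which of the conditions raised in the thread applies to this text."""
    if not text.strip():
        return "empty response"          # file not found at the expected path
    for m in DEFINE_RE.finditer(text):
        if m.group("name") == key:
            if '"' in (m.group(1), m.group(3)):
                return "double-quoted"   # splitting on single quotes will fail
            return "ok"
    return "key not found"


# Constructed sample inputs, one per case.
SAMPLES = {
    "single": "<?php\ndefine( 'DB_USER', 'wpuser' );\n",
    "double": '<?php\ndefine("DB_USER", "wpuser");\n',
    "no_key": "<?php\ndefine('DB_NAME', 'wp');\n",
    "empty": "",
}

if __name__ == "__main__":
    for label, text in SAMPLES.items():
        try:
            result = naive_extract(text, "DB_USER")
        except IndexError:
            result = "IndexError"
        print(f"{label:7} diagnose={diagnose(text)!r:18} naive={result!r}")
```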
